Hacker Steals $80 Million From DeFi Lender ‘Rari Capital’ via Fei Protocol Exploit

By Phil Stafford May 03, 2022 In Crypto News, DeFi, Hackers

DeFi platform Rari Capital has been hacked for more than US$80 million in assets held within its Fuse lending pools.

Rari Capital’s Fuse platform enables DeFi developers to create their own lending markets. Security firm BlockSec identified the exploit as having occurred because of a reentrancy vulnerability in the protocol’s smart contract.

Development team Fei Protocol, which runs a decentralised US dollar-pegged stablecoin called Fei USD, was the biggest loser in the hack. The team manages lending markets on Fuse, where users can deposit funds for an annual yield and also take out loans in FEI stablecoin.

$10 Million Bounty Offered, ‘No Questions Asked’

Fei Protocol has acknowledged the massive exploit and asked the hacker(s) to return the funds to claim a US$10 million bounty:

Advertisement

The Rari Capital exploit is the third significant reentrancy hack in six months. In December, the unfortunately named Grim Finance, a compounding yield optimiser on the Fantom blockchain, was drained of an estimated US$30 million in Fantom (FTM) tokens.

And early last month, DeFi protocol Ola Finance suffered a US$3.6 million hack, also blamed on a reentrancy bug. A fortnight earlier, DeFi lending protocols Agave and Hundred Finance were exploited for approximately US$11 million. DeFi continues to provide far too much fertile ground for hackers.

Phil Stafford
Author

Phil Stafford

Phil is a long-standing Australian journalist with specialised experience in business, finance, travel and popular culture.

You may also like